dokuwiki_extensions / inc / auth / joomla.class.php

<?php
/**
 * Copyright (c) 2012 Nicolas Ruflin, Kai Klesatschke
 *
 * The MIT License (MIT)
 *
 * Permission is hereby granted, free of charge, to any person obtaining
 * a copy of this software and associated documentation files (the "Soft-
 * ware"), to deal in the Software without restriction, including without
 * limitation the rights to use, copy, modify, merge, publish, distribute,
 * sublicense, and/or sell copies of the Software, and to permit persons
 * to whom the Software is furnished to do so, subject to the following
 * conditions:
 *
 * The above copyright notice and this permission notice shall be included
 * in all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 
 * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 * IN THE SOFTWARE.
 */

require("/path/to/your/joomla/configuration.php");

/**
 * Dokuwiki authentification backend for Joomla 1.5.
 */
class auth_joomla extends auth_basic {

  var $addWokuWikiDefaultGroups = false;
  var $tblUsers  = "jos_users";
  var $tblGroups = "jos_core_acl_aro_groups";

  /**
  * Constructor
  * @author    Nicolas Ruflin <dev@ruflin.com>
  */
  function auth_joomla() {
    $joomlaCfg = new JConfig();
    $conn = mysql_connect($joomlaCfg->host,$joomlaCfg->user,$joomlaCfg->password);
    mysql_select_db($joomlaCfg->db, $conn);

    $this->cando['addUser']       = false; // can Users be created?      
    $this->cando['delUser']       = false; // can Users be deleted?      
    $this->cando['modLogin']      = false; // can login names be changed?
    $this->cando['modPass']       = false; // can passwords be changed?  
    $this->cando['modName']       = false; // can real names be changed? 
    $this->cando['modMail']       = false; // can emails be changed?     
    $this->cando['modGroups']     = false; // can groups be changed?     
    $this->cando['getUsers']      = false; // can a (filtered) list of users be retrieved?
    $this->cando['getUserCount']  = true; // can the number of users be retrieved?
    $this->cando['getGroups']     = true; // can a list of available groups be retrieved?
    $this->cando['external']      = false; // does the module do external auth checking?
    $this->cando['logout']        = true; // can the user logout again? (eg. not possible with HTTP auth)
  }


  /**
   * Checks if the given user exists and the given
   * plaintext password is correct
   *
   * @param user The user name.
   * @param pass The user password.
   * @return  true if authentication succeeded, false otherwise.
   *
   * @author Nicolas Ruflin <dev@ruflin.com>
   * @author Kai Klesatschke <yavin@gmx.com>
   */
  function checkPass($user,$pass){
    $sql = "SELECT password FROM $this->tblUsers WHERE username = '$user'";
    $res = mysql_fetch_array(mysql_query($sql));
    return $this->checkJoomlaPassword($pass,$res['password']);
  }

  /**
  * Checks the password with salt.
  * @param pass The entered user password
  * @param dbpass The password stored in database.
  * @return true if passwords match, false otherwise.
  *
  * @author Nicolas Ruflin <dev@ruflin.com>
  */
  function checkJoomlaPassword($pass,$dbpass) {

    //Splittet den String auf
    list($hash, $salt) = explode(':', $dbpass);

    //setzt salt-wert mit dem eingegebenen Passwort zusammen und gibt den md5 Wert zurück
    $cryptpass = md5($pass.$salt);

    //überprüft ob Doppelpunkt vorhanden und vergleich hash-Wert mit den cryptpass
    if( (strpos($dbpass,':') == true) && $hash == $cryptpass) {
      return true;
    }

    return false;
  }

  /**
  * Returns info about the given user needs to contain
  * at least these fields:
  *
  * name string  full name of the user
  * mail string  email addres of the user
  * grps array   list of groups the user is in
  *
  * @param user The user name.
  * @return  array containing user data or false
  *
  * @author Nicolas Ruflin <dev@ruflin.com>
  * @author Kai Klesatschke <yavin@gmx.com>
  */
  function getUserData($user) {
    $name = $user;
    $email = "";
    $groups = array();

    $sql = "SELECT name, email, gid FROM $this->tblUsers WHERE username = '$user';";
    $u = mysql_fetch_array(mysql_query($sql));
        
    if($addWokuWikiDefaultGroups) {      
      // for legacy reasons add the default groups of Dokuwiki.
      array_push($groups, "user");
    }

    if($u != null) {
      $email = $u['email'];
      $name = $u['name'];
      $gid = $u['gid'];
      
      if($addWokuWikiDefaultGroups && $gid == 25) {
        // for legacy reasons add the default groups of Dokuwiki.
        array_push($groups, "admin" );
      }
      
      $sql = "SELECT id, name FROM $this->tblGroups WHERE id=$gid;";
      $grp = mysql_fetch_array(mysql_query($sql));

      if($grp != null) {
        $grpname = $grp['name'];
        $grpname = str_replace(" ", "", $grpname);
        array_push($groups, $grpname );
      }      
    }    

    $user = array('name' => $name, 'mail' => $email ,'grps' => $groups );

    return $user;
  }

  /**
  * @param filter The array of filter criteria.
  * @return Returns a count of the number of user which meet $filter criteria.
  * @author Kai Klesatschke <yavin@gmx.com>
  */
  function getUserCount($filter=array()) {
    msg("getUserCount");
    $sql = "SELECT COUNT(*) FROM $this->tblUsers;";
    $count = mysql_query($sql);
    return $count;
  }

  /**
  * Retrieve the joomla user groups.
  *
  * @param start The start index.
  * @param limit The limit index.
  * @return An array of groups.
  * @author Kai Klesatschke <yavin@gmx.com>
  */
  function retrieveGroups($start=0,$limit=0) {
    msg("retrieveGroups");
    $sql = "SELECT name FROM $this->tblGroups;";
    $grps = mysql_fetch_array(mysql_query($sql));

    if($grps != null) {
      return $grps;
    }
    else {
      return array();
    }
  }
}
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.